Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust

Sam Kumar, Yuncong Hu and Raluca Ada Popa

EECS Department
University of California, Berkeley
Technical Report No. UCB/EECS-2020-107
May 29, 2020

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-107.pdf

Data-sharing systems are often used to store sensitive data. Both academia and industry have proposed numerous solutions to protect user privacy and data integrity from a compromised server. Practical state-of-the-art solutions, however, use weak threat models based on centralized trust—they assume that part of the server will remain uncompromised, or that the adversary will not perform active attacks. We propose Ghostor, a data-sharing system that, using only decentralized trust, (1) hides user identities from the server, and (2) allows users to detect server-side integrity violations. To achieve (1), Ghostor avoids keeping any per-user state at the server, requiring us to redesign the system to avoid common paradigms like per-user authentication and user-specific mailboxes. To achieve (2), Ghostor develops a technique called verifiable anonymous history. Ghostor leverages a blockchain rarely, publishing only a single hash to the blockchain for the entire system once every epoch. We measured that Ghostor incurs a 4–5x throughput overhead compared to an insecure baseline. Although significant, Ghostor's overhead may be worth it for security- and privacy-sensitive applications.

Advisors: David Culler and Raluca Ada Popa


BibTeX citation:

@mastersthesis{Kumar:EECS-2020-107,
    Author = {Kumar, Sam and Hu, Yuncong and Popa, Raluca Ada},
    Title = {Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust},
    School = {EECS Department, University of California, Berkeley},
    Year = {2020},
    Month = {May},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-107.html},
    Number = {UCB/EECS-2020-107},
    Abstract = {Data-sharing systems are often used to store sensitive data. Both academia and industry have proposed numerous solutions to protect user privacy and data integrity from a compromised server. Practical state-of-the-art solutions, however, use weak threat models based on \emph{centralized trust}---they assume that part of the server will remain uncompromised, or that the adversary will not perform active attacks. We propose Ghostor, a data-sharing system that, using only \emph{decentralized trust}, (1) hides user identities from the server, and (2) allows users to detect server-side integrity violations. To achieve (1), Ghostor avoids keeping any per-user state at the server, requiring us to redesign the system to avoid common paradigms like per-user authentication and user-specific mailboxes. To achieve (2), Ghostor develops a technique called \emph{verifiable anonymous history}. Ghostor leverages a blockchain \emph{rarely}, publishing only a single hash to the blockchain \emph{for the entire system} once every epoch. We measured that Ghostor incurs a 4--5x throughput overhead compared to an insecure baseline. Although significant, Ghostor's overhead may be worth it for security- and privacy-sensitive applications.}
}

EndNote citation:

%0 Thesis
%A Kumar, Sam
%A Hu, Yuncong
%A Popa, Raluca Ada
%T Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust
%I EECS Department, University of California, Berkeley
%D 2020
%8 May 29
%@ UCB/EECS-2020-107
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-107.html
%F Kumar:EECS-2020-107